| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20121215062301.57fe3419c89cda66c14b77972f81dbfd.9eff83b5f2.wbe@email06.secureserver.net> Date: Sat, 15 Dec 2012 06:23:01 -0700 From: "Kenneth F. Belva" <ken@...verbackventuresllc.com> To: bugtraq@...urityfocus.com Subject: RE: PHP Addressbook v8.2.5 Group Name XSS I can confirm that the below vulnerability also applies v8.2.5, the latest version. PHP Addressbook software URL: http://sourceforge.net/projects/php-addressbook/?source=directory I don't mean to clog the list but I was doing research on an earlier version and didn't realize that a later version was also released. Ken -------- Original Message -------- Subject: Addressbook v8.1.24.1 Group Name XSS From: "Kenneth F. Belva" <research@...verbackventuresllc.com> Date: Wed, December 12, 2012 8:15 am To: bugtraq@...urityfocus.com Instructions. After authentication, click on the Group tab at the top. Click on the New Group Button on the group page. For the group name (the first field) enter the following XSS test string: <SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> Then call the XSS string from the URL -- technically one calls the group name -- through the group parameter as such: http://[server]/index.php?group=%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E I emailed the apparent author but did not receive a reply. Ken http://silverbackventuresllc.com
Powered by blists - more mailing lists